The title receives an executable file and executes it in the qiling environment. The topic examines the escape from the qiling environment. Qiling is a binary program execution environment based on unicorn. It implements syscall, binary loader and other operations, enabling it to execute executable programs across architectures and platforms. Through code auditing, it can be found that it lacks the judgment of path traversal when implementing the openat system call, so that rootfs can be bypassed. Using path traversal, we can read and write /proc/self/mem and getshell

Original writeup (https://r3kapig.com/writeup/20220125-rwctf4/#qlaas).